Hardware Today: Security, After the Breach
You've taken great care to back up your data and secure the server room. But is this always enough? We look at two products -- one to secure the rack and one to protect backup tapes -- designed for after an intruder has picked the lock.
Security is a hot topic these days, and enterprises are constantly looking for better protection from viruses, spam, phishers, hackers, crackers, and terrorists. Physical security has taken a front seat in the past three years, although it isn't always as effective as its software counterpart when it comes to stopping thieves from slipping through the cracks (both literal and metaphorical) to gain access to the server room.
Of course, most data centers use some access control. Unfortunately, methods of compromise range from using raw force after hours to social engineering, where thieves use psychological savvy to gain entry in broad daylight. Once such breaches occur, enterprises that have employed security measures on the devices themselves still have a shot at keeping their data and hardware secure.
In the past, Hardware Today has looked at various tactics for keeping equipment secure to prevent a breach. We've covered security from a variety of perspectives, such as natural disaster recovery, preventing man-made security attacks, and SAN Storage Security.
This week, Hardware Today looks at two products that keep the server room secure once its perimeter has been breached: One bolsters protection for the actual rack; the other is a hardware-level encrypted tape drive.
Technical furniture manufacturer SMC has added a layer of security to the rack itself with products such as the SmartCabinet II, a blanket name for technology that attaches to any of SMC's three rackmount cabinet enclosures: Multi-Rack, Platinum, and Premier.
"Smart" technology, SMC Vice President John Farris told ServerWatch, "consists of hardware mounted in the enclosure, a solenoid lock, a keypad wiring, and proprietary software." Although SmartCabinet II technology works only with SMC racks, the racks are configurable to allow servers of variable sizes. The Multi-Rack II, for example, works with any 19-inch E.I.A. standard hardware.Although SMC is not the only player in this space, with the SmartCabinet II, it boasts of being the only manufacturer to offer a "total management security solution," Farris said.
SMC claims getting into the rack undetected would be simply impossible. "SmartCabinet II can monitor, audit, and provide status reporting of your mission-critical enclosures," Farris said. Lest mission-critical servers attract mission-impossible thieves, the Smart Cabinet II includes proximity sensors and can be fitted with optional temperature sensors. Should an interloper suspend herself from the server room ceiling via Cat-5 cables to dodge an enterprise's touch-sensitive floors and reach the cabinet, the SmartCabinet II's built-in Ethernet connection will log any disturbances to a separate server and trigger alarms.
"Alarms go off for an unauthorized entry, unsecured door, door open beyond time allocated, and wrong PIN attempted," Farris said. While these may catch a thief in progress, they also offer value in the day-to-day administration of the data center by nipping administrator carelessness before servers are granted open house status.For more run-of-the-mill concerns, the SmartCabinet II's secure PIN codes are configurable by cabinet or rack door, allowing different access permissions on different servers for different tasks. Wiring personnel can be granted only back cabinet door access, and software administrators only front door access. This limited access prevents software technicians from stealing hardware and wirers from hacking.
The SmartCabinet II starts at $2,500 and includes a Multi-Rack enclosure.